#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Automotive Industry | Breaking Cybersecurity News | The Hacker News

Category — Automotive Industry
Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates

Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates

Sep 26, 2024 Automotive Industry / Technology
Cybersecurity researchers have disclosed a set of now patched vulnerabilities in Kia vehicles that, if successfully exploited, could have allowed remote control over key functions simply by using only a license plate. "These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, regardless of whether it had an active Kia Connect subscription," security researchers Neiko Rivera, Sam Curry, Justin Rhinehart, and Ian Carroll said . The issues impact almost all vehicles made after 2013, even letting attackers covertly gain access to sensitive information including the victim's name, phone number, email address, and physical address. Essentially, this could then be abused by the adversary to add themselves as an "invisible" second user on the car without the owner's knowledge. The crux of the research is that the issues exploit the Kia dealership infrastructure ("kiaconnect.kdealer[.]com") used for vehicle activat...
U.S. Proposes Ban on Connected Vehicles Using Chinese and Russian Tech

U.S. Proposes Ban on Connected Vehicles Using Chinese and Russian Tech

Sep 24, 2024 National Security / Regulatory Compliance
The U.S. Department of Commerce (DoC) said it's proposing a ban on the import or sale of connected vehicles that integrate software and hardware made by foreign adversaries, particularly that of the People's Republic of China (PRC) and Russia. "The proposed rule focuses on hardware and software integrated into the Vehicle Connectivity System (VCS) and software integrated into the Automated Driving System (ADS)," the Bureau of Industry and Security (BIS) said in a press statement. "These are the critical systems that, through specific hardware and software, allow for external connectivity and autonomous driving capabilities in connected vehicles." The agency said nefarious access to such systems could enable adversaries to harvest sensitive data and remotely manipulate cars on American roads.  The proposal extends to all wheeled on-road vehicles such as cars, trucks, and buses. Agricultural and mining vehicles are not included. The BIS said "cert...
7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments

7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments

Dec 04, 2024Risk Management / Zero Trust
Are you using the cloud or thinking about transitioning? Undoubtedly, multi-cloud and hybrid environments offer numerous benefits for organizations. However, the cloud's flexibility, scalability, and efficiency come with significant risk — an expanded attack surface. The decentralization that comes with utilizing multi-cloud environments can also lead to limited visibility into user activity and poor access management.  Privileged accounts with access to your critical systems and sensitive data are among the most vulnerable elements in cloud setups. When mismanaged, these accounts open the doors to unauthorized access, potential malicious activity, and data breaches. That's why strong privileged access management (PAM) is indispensable. PAM plays an essential role in addressing the security challenges of complex infrastructures by enforcing strict access controls and managing the life cycle of privileged accounts. By employing PAM in hybrid and cloud environments, you're not...
Expert Insights / Articles Videos
Cybersecurity Resources